Hacker Forums Hacked

Uploaded on 2021-03-12 in TECHNOLOGY--Hackers, GOVERNMENT-Law Enforcement, FREE TO VIEW

Three of the longest running and most notorious Russian-language forums serving thousands of experienced cyber criminals have been hacked. Intelligence experts say they detected a breach of the 'elite' Maza cyber crime forum, previously known as 'Mazafaka', on 3rd March 2021. 
 
Maza is a highly-restricted Russian-language cyber crime form that has been in operation for many years, providing a communal service for some of the most sophisticated cyber criminals and financial fraudsters. 

The hack exposed information of thousands of forum members, including their user ID, username, email, password (hashed and obfuscated), certificate file names, certificate passwords and members contact information on Yahoo, MSN, Skype, and the audio to text conversion platform ICQ. 

The data breach at Maza comes after another major Russian-language forum 'Verified' suffered a compromise in February 2021. Tens of thousands of private messages between Verified users, including deposit and withdrawal information about Bitcoin, were reportedly stolen in this breach.Another Russian hacker forum, 'Exploit', is also reportedl to have been hacked, with one forum member warning other users to be careful with registered emails across multiple forums. 

The hack has left forum members worried that their data may be used by law enforcement agencies to discover their real identities.

In the case of Maza, somebody dumped a 35 page PDF file on the Dark Web containing usernames, redacted passwords and other details the personal information of forum members.Researcehrs from the leading threat intelligence form  Flashpoint say the leaked Maza database is legitimate and that Maza forum visitors were being redirected to a breach announcement page.

According to the Krebs on Security website, only intelligence services or people who know where the servers have the required skill and capabilities to disrupt criminal forums to that extent and it would appear that someone is purposefully undermining these forums.

In February, Dutch police reportedly posted "friendly" messages on two hacking forums, saying that "hosting criminal infrastructure in the Netherlands is a lost cause". The police messages were posted after 'Operation Ladybird', in which law enforcement agencies across several countries join hands to disable Emotet, one of the  most dangerous malware botnets, which has been deployed in a number of major criminal attacks on banks and other organisations. 

As part of that investigation, the Dutch National Police discovered a database containing email IDs, usernames and passwords stolen by Emotet.

Maza was hacked once before in  ten years ago when the data of more than 2,000 cyber criminal users, along with all of their forum correspondence was exposed

Brian Krebs:     Flashpoint:       Computing:      BankInfoSecurity:       ZDNet

You Might Also Read:

DarkMarket Taken Down:

 

« On International Women’s Day Only 10% Of Top Executives Were Female
European Banking Authority Attacked »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Hack Miami

Hack Miami

HackMiami is the premier resource in South Florida for highly skilled hackers that specialize in vulnerability analysis, penetration testing, digital forensics, and all manner of IT security.

Institute for National Security and Counterterrorism (INSCT)

Institute for National Security and Counterterrorism (INSCT)

INSCT is a center for the study of national security, international security, and counterterrorism. Research programs include New Frontiers in Science, Cyber, & Technology

Cyber Security Network

Cyber Security Network

Cyber Security Network provide specialist cyber security recruitment services.

Cyberwatch

Cyberwatch

Cyberwatch is a Vulnerability Scanner & Fixer software that helps you to detect and fix the vulnerabilities of your Information System.

Padlock

Padlock

Padlock is a trusted platform with an intimate knowledge of the cybersecurity industry that connects businesses with freelance professionals

Innovent Recycling

Innovent Recycling

Innovent Recycling provides a secure IT recycling & data destruction service to all types of organizations across the UK.

Lifespan Technology

Lifespan Technology

Lifespan Technology provides the full range of IT Asset Disposition services. This includes hardware recycling and disposal, data destruction, and hardware resale.

Zercurity

Zercurity

Zercurity is on a mission to build the ultimate cybersecurity operations platform for businesses. To help protect against a growing number of internal and external threats.

Data Privacy Office (DPO)

Data Privacy Office (DPO)

Data Privacy Office is a company that specializes in privacy and personal data protection, following the highest standards in its sector.

Brookcourt Solutions

Brookcourt Solutions

Brookcourt Solutions delivers cyber security, network monitoring technologies and managed security services to help secure and protect your organisation’s critical infrastructure.

NightDragon

NightDragon

NightDragon is a venture capital firm investing in innovative growth and late stage companies within the cybersecurity, safety, security, and privacy industry.

Mailinblack

Mailinblack

Mailinblack protects your organisation against email threats with an innovative solution that meets your security requirements.

443ID

443ID

443ID brings OSINT data to Identity Security professionals on any digital platform.

Cyber Capital Partners

Cyber Capital Partners

Cyber Capital Partners build strategic and financial partnerships with small and mid-sized cybersecurity companies in highly regulated markets.

SeQure

SeQure

SeQure is a cutting-edge startup specializing in the development of advanced security infrastructure for artificial intelligence and blockchain.

Mindcore Technologies

Mindcore Technologies

Mindcore provide cyber security services, managed IT services and IT consulting services to businesses in NJ, FL, and throughout the United States.